BCS Quickly Restores Its Largest Manufacturing Client’s Critical Operations After a Ransomware Attack With Datto Continuity
BCS is a Southeast Wisconsin-based managed service provider (MSP) founded in 2012. They primarily focus on architecture, engineering and construction (AEC), manufacturing, education and local government verticals. The company aims to carry out a unique approach in the managed services world that allows them to gel well with their customers and bring enterprise-level talent to organizations that otherwise wouldn’t have access to this type of support due to their size. The bulk of their services are aimed at providing scalable managed IT services to SMBs across the Midwest and targeted support to technology environments (e.g., managed voice solutions, project support and data migrations) for enterprises that employ a robust internal technology team.
- Company: BCS
- Industry: IT MSP
- Location: Wisconsin, USA
- Established: 2012
- Interviewed: Craig Staffin, Chief Technology Officer
“We chose Datto about four years ago for numerous reasons. The prominent ones were on-site backup and recovery as well as full cloud continuity. This offers a seamless and computed business continuity solution for our clients no matter where they are currently in their digital transformation journey.”
Chief Technology Officer, BCS
No matter how robust an organization’s security mechanism is, a few attacks sneak past the defense. Even one small mishap can send a ripple effect across the entire digital ecosystem of an MSP, enabling bad actors to access the critical machines in their client’s network. As soon as that happens, it’s essential to get back on your feet as quickly as possible.
However, this recovery procedure is an ordeal. Most companies take around two to three weeks to be up and running again, especially after a ransomware attack. This is often an indication of a clear lack of usage of on-site backup and recovery solutions and full cloud options among MSPs that can make data recovery fast and hassle-free.
BCS sought an advanced solution that covered all the business continuity and disaster recovery (BCDR) needs of an MSP. Additionally, they were looking for a solution whose business model dovetailed nicely with their managed services business.
“Datto has been an amazing partner and is by far the most robust and complete backup solution, with the least amount of time involved from my technicians to support it.”
Chief Technology Officer, BCS
When a daring ransomware attack hit one of its clients, BCS was able to act quickly and provide efficient data backup and recovery with the assistance of Datto — helping the client’s business return to normal in no time. BCS utilizes Datto Unified Continuity and SaaS Protection, with around 90% of their clients using some form of Datto solution.
On July 12, 2022, a client was exposed to a spear phishing incident. Within 48 hours, a PowerShell script execution resulted in the remote pushing of Black Basta ransomware to servers listed in the active directory. BCS immediately removed global routing from the network, thus preventing the spread between locations and within the site between network segments. BCS utilized on-site Datto virtual machine (VM) disk backups for rapid restoration of backup images to servers.
Datto Support was engaged to help restore numerous VMs. Every single server got restored quickly, and production was up and running in approximately 72 hours. Restoration of every workstation and server was completed in under two weeks. The client’s environment was completely restored in about two months, compared to the industry norm of six months to a year.
According to Craig, these unprecedented feats were largely achieved due to the use of Datto Unified Continuity.
“Without Datto as our partner for BCDR solutions, we would have likely been subjected to the industry norm of a 6 to 12 months turnaround for complete restoration of our client’s environment versus the 2 months that we were able to realize with Datto.”
Chief Technology Officer, BCS
On-site air-gapped backups can be crucial in combatting any ransomware attack. Datto incorporates this feature in its Unified Continuity suite and offers service for all server backups.
As Craig says, “We used Datto for all server backups in this recent ransomware incident. This allowed us to have VMs restored on top of the Datto devices before the actual physical servers were cleared from forensics.”